CVE-2025-4538 | kkFileView 4.4.0 /fileUpload File unrestricted upload

Inserito da Angelo Barbosa | Mag 10, 2025 | CVE

A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects an unknown part of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-4538. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4538 | kkFileView 4.4.0 /fileUpload File unrestricted upload

Post correlati

CVE-2024-5193 | Ritlabs TinyWeb Server 1.94 Request crlf injection

CVE-2024-47191 | oath-toolkit up to 2.6.11 pam_oath.so liboath/usersfile.c oath_authenticate_usersfile symlink (Nessus ID 208203)

CVE-2025-2051 | PHPGurukul Apartment Visitors Management System 1.0 /search-visitor.php searchdata sql injection

CVE-2023-52351 | Unisoc S8000 Ril Service out-of-bounds write